Overview

overview

10

Static

static

7676267b7b...5c.exe

windows7-x64

10

7676267b7b...5c.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7676267b7be6e62a6635ce49cf43e8f1e62b15c76fd8fa5a1d5e4c325bb8835c

  • Size

    717KB

  • Sample

    221004-hrn4rsggak

  • MD5

    47d66bd9b57a540e1c5394e33c475c11

  • SHA1

    0c3a9079e5e403bc0241845e3db25d3b2a9918d6

  • SHA256

    7676267b7be6e62a6635ce49cf43e8f1e62b15c76fd8fa5a1d5e4c325bb8835c

  • SHA512

    5eb949996f36e8ef753614ff7d2cd540f822db8cc6078b35e9c2b0168f6b6a7d59310e3fb37835916d69da83ccf8381e0226169d7770ee70f54868331bb7a664

  • SSDEEP

    12288:+c//////72K3yvCr16Y3mtlGjqA0gfBxV6bdo3EMLPsNClnLNzjcLb5KYnc4XJhz:+c//////7226c16YWjGm2BxV6bk1LP74

Score
10/10
modiloadertrojan

Malware Config

Targets

    • Target

      7676267b7be6e62a6635ce49cf43e8f1e62b15c76fd8fa5a1d5e4c325bb8835c

    • Size

      717KB

    • MD5

      47d66bd9b57a540e1c5394e33c475c11

    • SHA1

      0c3a9079e5e403bc0241845e3db25d3b2a9918d6

    • SHA256

      7676267b7be6e62a6635ce49cf43e8f1e62b15c76fd8fa5a1d5e4c325bb8835c

    • SHA512

      5eb949996f36e8ef753614ff7d2cd540f822db8cc6078b35e9c2b0168f6b6a7d59310e3fb37835916d69da83ccf8381e0226169d7770ee70f54868331bb7a664

    • SSDEEP

      12288:+c//////72K3yvCr16Y3mtlGjqA0gfBxV6bdo3EMLPsNClnLNzjcLb5KYnc4XJhz:+c//////7226c16YWjGm2BxV6bk1LP74

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks